What are the chances that my pc is a zombie after ZAPro crashes?

I woke up one morning (my pc was online that night: bittorrenting) and saw a warning on my screen that there was a True Vector shutdown. I looked on this forum and saw that this basicly means that ZA crashed and my pc was unprotected for most of the night, lets say between 6 and 8 hours. I've read once that it takes about an average of 12 minutes to get hacked and zombied if you're online unprotected. As a result I downgraded from 6.5.737.000 back to 6.1.744.001. So, chances are my pc was hacked and zombied after the True Vector crash. A bloody shame if you ask me. But what should I do now? How do I know for sure this is the case and futhermore: how can I get rid of any unwanted visitors on my system? My question is aimed at any computerexpert, but mainly at the friendly people at Zonelabs.

Re: What are the chances that my pc is a zombie after ZAPro crashes?

Thank you for editing my question.

Message Edited by supah on 12-21-200607:54 AM

There is a difference between being critical and being rude about it. The part that was edited out was not acceptable under the posting rules. Other Guru's have deleted messages for less than that so I suggest if you wish to remain a part of this forum, you abide by the posing rules.

Re: What are the chances that my pc is a zombie after ZAPro crashes?

Supah

You would not be the first ZA user to have issues with the ZA 6.6 and P2P. The ZA 6.1 is better for P2P useage.

One thing that does come to mind is reduce the number of connections in the P2P and the speeds. This does make things slower, but usually fixes some troubles of ZA crashing. The ZA does P2P well, just on it's terms. If no software firewall was used (using just Windows XP or behind a server/firewall) the speeds and number of connections can be increased.

There should be a very good antivirus and antispy running on the PC when P2P is taking place and these should have protected the PC. Consider some HIPS such as SSM in the "Block everything" Mode (after things are properly setup, of course). This will block any install or any possible change. Plus complete logs and records are created to show the PC is clean or help in tracing malware. Even the freeware will do an adequate job.

This should cover the entire field of viri, worms, trojans, BHO, adware, some rootkits, CWS, cookies and various spyware.

Another thing to consider for enhancing the P2P security is to use either Peer Guardian or Protowall. Either one can be used in conjunction with a software firewall. There are some that have issues, but the ZA does work well either one of these site blockers. Almost every P2P user will claim there are numerous sites blocked every time with the Peer Guardian or Protowall. Plus not just P2P, but trojan, spyware, edu, government and various other listes are available. I use this and an additional homemade list of BLDNS and the total number of sites in the list is over 1.6 billion. The following are all freeware.

for a large host list. Please remember to set the DNS Client service to manual and reboot before attempting to add these host filters to the host list. Some users claim there are limits to the size of a host list, but workable sizes of 3 to 5 meg are not unheard of.

Re: What are the chances that my pc is a zombie after ZAPro crashes?

Hi Oldsod,
Thank you for your advice and tips. As always it's usefull and very helpfull. I'm still a little ticked off at the fact that my question was edited in a way that it was 'critique-free'. Last time I checked, this was still a free country right?
But to stay on subject: Thanx for the online scanners and the tip to use a siteblocker. I'm just worried that even if my pc is trojan/worm/virus free that the fact that if it's a zombie will be hard to find out. But your tip is to check the logs and records to see if any changes were made on the night in question.
BTW: what do you mean with: &quot;Consider some HIPS such as SSM in the &quot;Block everything&quot; Mode (after things are properly setup, of course). This will block any install or any possible change.&quot;?? Is this a feature in ZAPro?
Again, thanx for the help.

Re: What are the chances that my pc is a zombie after ZAPro crashes?

<blockquote><hr>supah wrote:
... I'm still a little ticked off at the fact that my question was edited in a way that it was 'critique-free'. Last time I checked, this was still a free country right?
<hr></blockquote>

To the contrary. It is an International forum paid for by a company and with strict posting rules. Criticism is welcomed but not when accompanied by language that is not acceptable. If you can't or don't want to abide by the rules, your post will be edited or deleted and you could find yourself banned.

Re: What are the chances that my pc is a zombie after ZAPro crashes?

The ZA OS Firewall is a good and easy to use HIPS, but there is no setting to block any new processes. The freeware SSM does have this feature in the Program Behaviour- the user interface is disconnected and the "block everything (paranoiac setting)" is chosen. Version 2.0.9.583 is the one I am using.

Re: What are the chances that my pc is a zombie after ZAPro crashes?

Again, no foul language was used. I tried to explain this, but again my reply was deleted. But okay, have it your way:
Version 6.5.737.000, it too is a honorable version.
All hail to Zonelabs for the best product in the world. Version 6.5.373.000 is the best ever!! Boo to all who think it's not a good product. They are bad, bad, bad.
Version 6.5.737.000, it too is a honorable version.
it's good to know that paying customers are treated like kings, as they should.
Version 6.5.737.000, it too is a honorable version.